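Abstract
The large-scale network security situation analysis system YHSAS targets large-scale network environments such as national backbone networks, large network operators, and large enterprises and public institutions. It acquires, understands and displays the security elements that can cause the network situation to change, and predicts their future development trends. This paper presents the system architecture of YHSAS and studies its key technologies in depth, including: a real-time big-data analysis and computing platform for cyberspace security; all-element network security information collection and high-dimensional vector space analysis; knowledge graph technology supporting the representation and management of ultra-large-scale network security knowledge; a method for constructing a multi-level, multi-granularity, multi-dimensional network security indicator system; and multi-mode, multi-granularity network security event prediction based on adaptive prediction models. Performance tests show that YHSAS achieves high real-time performance and accuracy in both situation analysis and prediction, meeting the needs of large-scale network security situation analysis and prediction.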
YHSAS is developed for national backbone networks, large network operators, large enterprises and other large-scale networks. The system acquires, understands and displays the security factors that cause changes in the network situation, and predicts the future development trend of these security factors. This paper describes its architecture and key technologies: security data integration technology for distributed heterogeneous networks, association analysis technology oriented to major network security events, real-time analysis technology based on data flow and multi-dimensional analysis for network security data, network security situation prediction technology, and so on. The performance tests show that SSAP has high real-time performance and accuracy in security situation analysis and trend prediction. The system meets the demands of analysis and prediction for large-scale network security situations.
Source
《信息技术与网络安全》
2018, Issue 1, pp. 17-22 (6 pages)
Information Technology and Network Security
Keywords
Network Security Situation Analysis and Prediction
Association Analysis
Multi-dimensional Analysis
Data Flow